﻿/**************************************************************************
创建时间:	2020/6/28
作	  者:	张存
邮 	  箱:	zhangcunliang@126.com

Copyright (c) zhcun.cn

描	述：
记	录：
***************************************************************************/
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using ZhCun.WebUtils.Authorizes;

namespace ZhCun.WebUtils
{
    public class UserAuthorizeAttribute : AuthorizeBaseAttribute
    {
        public UserAuthorizeAttribute(bool isAuth = true)
        {
            IsAuth = isAuth;
        }

        protected internal LoginUser CurrUser;

        protected override void AuthorizationHandle(AuthorizationFilterContext context)
        {
            if (!CheckFilter(context)) return;

            //if (!context.IsEffectivePolicy(this)) return;

            //if (!IsAuth) return;

            var token = context.HttpContext.GetToken();
            if (!LoginState.CheckToken(token, out CurrUser))
            {
                //验证失败，返回401 错误
                context.Result = new ContentResult() { Content = "authorization fail", StatusCode = StatusCodes.Status401Unauthorized };
                return;
            }
        }
    }
}